Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to Read SquidGuard Logs, what does this logs mean to me?

    Scheduled Pinned Locked Moved Cache/Proxy
    2 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I Offline
      icantsleep
      last edited by

      Hi guys,

      Im new to PFSense i Setup squid+squidguard.
      both service are running, but squidguard is not blocking sites, i decided to check the logs, but i dont understand what it means. please help me just to read the logs. thanks!

      this is for squid cache.log (partial)
      2015/07/12 15:10:56| Accepting proxy HTTP connections at 192.168.0.1, port 3128, FD 17.
      2015/07/12 15:10:56| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18.
      2015/07/12 15:10:56| Accepting HTCP messages on port 4827, FD 19.
      2015/07/12 15:10:56| Accepting SNMP messages on port 3401, FD 22.
      2015/07/12 15:10:56| WCCP Disabled.
      2015/07/12 15:10:56| Ready to serve requests.
      2015/07/12 15:10:56| Done reading /cache swaplog (585 entries)
      2015/07/12 15:10:56| Finished rebuilding storage from disk.
      2015/07/12 15:10:56|      585 Entries scanned
      2015/07/12 15:10:56|        0 Invalid entries.
      2015/07/12 15:10:56|        0 With invalid flags.
      2015/07/12 15:10:56|      585 Objects loaded.
      2015/07/12 15:10:56|        0 Objects expired.
      2015/07/12 15:10:56|        0 Objects cancelled.
      2015/07/12 15:10:56|        0 Duplicate URLs purged.
      2015/07/12 15:10:56|        0 Swapfile clashes avoided.
      2015/07/12 15:10:56|  Took 0.3 seconds (2130.4 objects/sec).
      2015/07/12 15:10:56| Beginning Validation Procedure
      2015/07/12 15:10:56|  Completed Validation Procedure
      2015/07/12 15:10:56|  Validated 585 Entries
      2015/07/12 15:10:56|  store_swap_size = 12570k
      2015/07/12 15:10:56| storeLateRelease: released 0 objects
      2015/07/12 17:33:32| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:33:32| clientTryParseRequest: FD 40 (192.168.0.111:49943) Invalid Request
      2015/07/12 17:34:51| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:34:51| clientTryParseRequest: FD 68 (192.168.0.111:50010) Invalid Request
      2015/07/12 17:34:54| parseHttpRequest: Unsupported method 'LSM'
      2015/07/12 17:34:54| clientTryParseRequest: FD 50 (192.168.0.111:50015) Invalid Request
      2015/07/12 17:38:04| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:38:04| clientTryParseRequest: FD 28 (192.168.0.111:50126) Invalid Request
      2015/07/12 17:38:08| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:38:08| clientTryParseRequest: FD 34 (192.168.0.111:50134) Invalid Request
      2015/07/12 17:40:19| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:40:19| clientTryParseRequest: FD 35 (192.168.0.111:50203) Invalid Request
      2015/07/12 17:40:29| parseHttpRequest: Unsupported method 'LSM'
      2015/07/12 17:40:29| clientTryParseRequest: FD 15 (192.168.0.111:50209) Invalid Request
      2015/07/12 17:42:29| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:42:29| clientTryParseRequest: FD 29 (192.168.0.111:50223) Invalid Request
      2015/07/12 17:42:31| parseHttpRequest: Unsupported method 'LSM'
      2015/07/12 17:42:31| clientTryParseRequest: FD 35 (192.168.0.111:50226) Invalid Request
      2015/07/12 17:44:20| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:44:20| clientTryParseRequest: FD 28 (192.168.0.111:50239) Invalid Request
      2015/07/12 17:44:29| parseHttpRequest: Unsupported method 'LSM'
      2015/07/12 17:44:29| clientTryParseRequest: FD 56 (192.168.0.111:50245) Invalid Request
      2015/07/12 17:46:27| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:46:27| clientTryParseRequest: FD 35 (192.168.0.111:50262) Invalid Request
      2015/07/12 17:46:33| parseHttpRequest: Unsupported method 'LSM'
      2015/07/12 17:46:33| clientTryParseRequest: FD 29 (192.168.0.111:50269) Invalid Request
      2015/07/12 17:59:52| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 17:59:52| clientTryParseRequest: FD 76 (192.168.0.104:49666) Invalid Request
      2015/07/12 18:00:19| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 18:00:19| clientTryParseRequest: FD 29 (192.168.0.104:49699) Invalid Request
      2015/07/12 18:00:24| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 18:00:24| clientTryParseRequest: FD 63 (192.168.0.104:49708) Invalid Request
      2015/07/12 18:03:18| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 18:03:18| clientTryParseRequest: FD 15 (192.168.0.104:49720) Invalid Request
      2015/07/12 18:03:21| parseHttpRequest: Unsupported method 'USR'
      2015/07/12 18:03:21| clientTryParseRequest: FD 35 (192.168.0.104:49725) Invalid Request

      1 Reply Last reply Reply Quote 0
      • KOMK Offline
        KOM
        last edited by

        Start from the beginning.  Which version of pfSense, squid, squidguard?  Start with squid first.  Get it to the point where it's processing properly by shelling in and checking /var/squid/logs/access.log in realtime.  Once you know squid is processing, then install and configure squidguard.  Don't use transparent mode, use explicit mode with WPAD instead.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.